<?php

	// +----------------------------------------------------------------------
	// | 防火墙
	// +----------------------------------------------------------------------
	// | Copyright (c) 2015-2024 http://www.yicmf.com, All rights reserved.
	// +----------------------------------------------------------------------
	// | Author: 微尘 <yicmf@qq.com>
	// +----------------------------------------------------------------------

	namespace addon\waf;

	use think\exception\HttpResponseException;
	use think\Response;
	use yicmf\addon\controller\Controller;
	use app\model\ucenter\IpPool as IpPoolModel;

	class Waf extends Controller
	{

		public function install()
		{
		}

		public function uninstall()
		{
		}


		public function onWafGet($param)
		{
			$ip = $this->request->ip();
			if (IpPoolModel::where('ip', $ip)->where('status', '<>',1)->find()) {
				if ($this->request->isAjax()) {
					$data['code'] = 403;
					$data['data'] = $param;
					$data['data']['ip'] = $this->request->ip();
					$data['message'] = '系统已拦截本次请求，可能的原因是本次请求带有不合法数据！';
					$response = Response::create($data, 'json', 403);
				} else {
					$this->assign('ip', $ip);
					$html = $this->fetch('show');
					$response = Response::create($html, 'html');
				}
				throw new HttpResponseException($response);
			}
		}

		protected function check()
		{
			$rules = $this->getConfig('rules');
			$str = urldecode($this->request->server('REQUEST_URI')) .
				urldecode($this->request->server('HTTP_COOKIE')) .
				urldecode(file_get_contents('php://input')) .
				implode('', getallheaders());
			foreach ($rules as $rule) {
				if (preg_match('^' . $rule . '^i', $str)) {
					return false;
				}
			}
			return true;
		}

	}
